Pages

Sunday, 13 September 2009

Thanks to FXCop teams and Microsoft for presenting FXCop tool to us for analysis of code. This is widely used for code review purpose. And which analyze compiled .NET assemblies for compliance. It is a tool to check your code against the rules or guidelines defined by FXCop engine and/or your own rules. It is freely available from Microsoft. You can download it from here.

FXCop supports assemblies written in C#, VB.NET, C++/CLI, and other managed .NET languages.

FXCop aims to make it easy to Act in accordance with someone's rules, commands, or wishes by scanning compiled assemblies/dll/exe and creating a report that listed out the details coding violations and suggests code fixes and improvements.

Modes of Operation

FXCop can be operated in two modes:

1.Through GUI and

2. Through command-line mode.

Behind the screen

FXCop (1.30 and higher) performs analysis through a technique called Introspection. The use of the Introspection engine allows for much faster/ richer analysis infrastructure and supports multithreaded analysis to read the code of your assembly and process against predefined rules categorized as naming conventions, library design, localization, security, performance, portability, interoperability etc.

Every assembly in .NET has metadata, which describes the assembly and all types used in the assembly.

FXCop uses this metadata to learn what is going on in the code. In addition, it examines the Microsoft Intermediate Language (MSIL) generated when code is compiled. The combination of examining the metadata and MSIL provides FXCop plenty of information to gain an understanding of what the code is doing. It compares your code against the rules and generates a message for every instance where code doesn't conform to the rules.

Rules defined by FXCop

1. Design Rules

2. Globalization Rules

3. Interoperability Rules

4. Mobility Rules

5. Naming Rules

6. Performance Rules

7. Portability Rules

8. Security Rules

9. Usage Rules

Last but not the least: The FXCop Introspection engine can be leveraged to develop custom FXCop rules specific to the project needs.

Report generation

The report generated by an FXCop run detail the violations and the files, where they are found; as shown in the below figure. These are then fixed by developers; the code is then committed and FXCop is re-run to check if the code has successfully passed through all the checks.

on click of External tool one new dialog box would open.click on Add button to display the new configuration dialog box as below:

fig: Adding FXCop to External toll

On new windows set the parameter as below:1. ADD: Click on ADD button to add an Fxcop as external tool2. Title: provide an external toll name (something like FxCop).3. Command: To set the value of the Command text box, browse to the location where FxCopis installed, and select FxCopCmd.exe. (in my case it is atC :\Program Files\Microsoft FxCop 1.36\FxCopCmd.exe)

• /s - Indicates FXCop to include the summary report with the informational message. • /r: - Indicates the directory location where FXCop rules library is saved (typically \Microsoft FxCop 1.36\Rules). This will load the entire rules library (.dll files) from the path, during the run.5. Initial Directory : Set the Initial Directory to the location where FxCopCmd should start.("C:\Program Files\Microsoft FxCop 1.36")6. Select the Use Output window check box.7. Click OK.

at last we have integarted FXCop to our VS.Net.Now to Run this FXCop for Code Review analysis Click on Tools, under drop down menu select FXCop as shown below:

fig: Run FXcop through VS.Net

On click of FXCop ,the FXCop Engine would start Analysis our code w.r.t selected Rules and The analysis results will be posted in the "Output Window" of VS with the rule name, code file name, and error details as shown below ,The developer can click on the relevant FXCop error and navigate to the source-code to understand the problem and then fix it.